ZFS Mount Options For Better Performance
I have over 20 LXCs running various services and sites, most of which are database driven. All of them share my ZFS pool, and can create a huge amount of I/O delay by just being on - which in my case, is caused by mount options. In each one of my LXCs, under Resources and Root Disk, there is an option to reduce I/O which I have set to noatime. This dropped I/O delay from ~30% to less than ~10% at rest!
Mount Options
These are standard Linux filesystem mount options that are passed to the kernel when the LXC's root filesystem (or any mounted disk) is brought online.
| Mount Option | What It Does | Relevance to Me | When to Use |
| discard | This option enables TRIM (for SATA SSDs) or UNMAP (for NVMe SSDs) functionality. It tells the underlying storage device (SSD) which data blocks are no longer in use (i.e., have been deleted by the filesystem). This allows the SSD's garbage collection process to work more efficiently, improving long-term write performance and extending the SSD's lifespan | None, my ZFS pool uses HDD not SDD | Only select if the underlying storage device disk is SDD |
| lazytime | This is an optimization for how Linux updates file access times (atime). By default (without noatime or lazytime), every time a file is read (accessed), its atime metadata is updated, which incurs a small write operation to the disk. lazytime makes these atime updates happen less frequently and in memory first, batching them into fewer, larger writes to disk. This reduces overall disk write activity | Good general-purpose optimization for HDDs, reduces random write I/O | Generally recommended to enable for most workloads on HDDs |
| noatime | This takes lazytime a step further by completely disabling the updating of file access times (atime). When noatime is used, the atime of a file is never updated, even if the file is read | This provides the maximum reduction in atime-related disk writes. For most server workloads (like web servers, databases, containers), knowing the exact last access time of a file isn't critical | Highly recommended for almost all LXCs on HDDs, especially for performance-sensitive applications like web servers and databases. It has almost no downsides for typical server use cases and significantly reduces random write I/O. This is generally preferred over lazytime for maximum I/O reduction |
| nosuid | This is a security-focused mount option. It prevents programs with the "set-user-ID" (SUID) or "set-group-ID" (SGID) bits set from gaining elevated privileges when executed from this filesystem | For LXC containers, where you might be downloading software or user-uploaded content, enabling nosuid for the root disk or specific mount points is a good security practice to prevent local privilege escalation attacks within the container or host | Generally recommended for LXC root filesystems and any user-writable or untrusted mount points for improved security. It has a negligible performance impact |